Examples with FilterDef org.apache.tomcat.util.descriptor.web.FilterDef used on opensource projects

Search in sources :

Example 16 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class WebAnnotationSet method loadApplicationFilterAnnotations.

/**
     * Process the annotations for the filters.
     * @param context The context which will have its annotations processed
     */
protected static void loadApplicationFilterAnnotations(Context context) {
    FilterDef[] filterDefs = context.findFilterDefs();
    for (FilterDef filterDef : filterDefs) {
        Class<?> classClass = Introspection.loadClass(context, filterDef.getFilterClass());
        if (classClass == null) {
            continue;
        }
        loadClassAnnotation(context, classClass);
        loadFieldsAnnotation(context, classClass);
        loadMethodsAnnotation(context, classClass);
    }
}
Also used : FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef)

Example 17 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testRequestAttributesForAccessLog.

@Test
public void testRequestAttributesForAccessLog() throws Exception {
    // PREPARE
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("protocolHeader", "x-forwarded-proto");
    filterDef.addInitParameter("remoteIpHeader", "x-my-forwarded-for");
    filterDef.addInitParameter("httpServerPort", "8080");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setHeader("x-my-forwarded-for", "140.211.11.130");
    request.setHeader("x-forwarded-proto", "http");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    Assert.assertEquals("org.apache.catalina.AccessLog.ServerPort", Integer.valueOf(8080), actualRequest.getAttribute(AccessLog.SERVER_PORT_ATTRIBUTE));
    Assert.assertEquals("org.apache.catalina.AccessLog.RemoteAddr", "140.211.11.130", actualRequest.getAttribute(AccessLog.REMOTE_ADDR_ATTRIBUTE));
    Assert.assertEquals("org.apache.catalina.AccessLog.RemoteHost", "140.211.11.130", actualRequest.getAttribute(AccessLog.REMOTE_HOST_ATTRIBUTE));
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 18 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testWithTomcatServer.

/*
     * Test {@link RemoteIpFilter} in Tomcat standalone server
     */
@Test
public void testWithTomcatServer() throws Exception {
    // mostly default configuration : enable "x-forwarded-proto"
    Map<String, String> remoteIpFilterParameter = new HashMap<>();
    remoteIpFilterParameter.put("protocolHeader", "x-forwarded-proto");
    // SETUP
    Tomcat tomcat = getTomcatInstance();
    Context root = tomcat.addContext("", TEMP_DIR);
    FilterDef filterDef = new FilterDef();
    filterDef.getParameterMap().putAll(remoteIpFilterParameter);
    filterDef.setFilterClass(RemoteIpFilter.class.getName());
    filterDef.setFilterName(RemoteIpFilter.class.getName());
    root.addFilterDef(filterDef);
    FilterMap filterMap = new FilterMap();
    filterMap.setFilterName(RemoteIpFilter.class.getName());
    filterMap.addURLPatternDecoded("*");
    root.addFilterMap(filterMap);
    MockHttpServlet mockServlet = new MockHttpServlet();
    Tomcat.addServlet(root, mockServlet.getClass().getName(), mockServlet);
    root.addServletMappingDecoded("/test", mockServlet.getClass().getName());
    getTomcatInstance().start();
    // TEST
    HttpURLConnection httpURLConnection = (HttpURLConnection) new URL("http://localhost:" + tomcat.getConnector().getLocalPort() + "/test").openConnection();
    String expectedRemoteAddr = "my-remote-addr";
    httpURLConnection.addRequestProperty("x-forwarded-for", expectedRemoteAddr);
    httpURLConnection.addRequestProperty("x-forwarded-proto", "https");
    // VALIDATE
    Assert.assertEquals(HttpURLConnection.HTTP_OK, httpURLConnection.getResponseCode());
    HttpServletRequest request = mockServlet.getRequest();
    Assert.assertNotNull(request);
    // VALIDATE X-FORWARDED-FOR
    Assert.assertEquals(expectedRemoteAddr, request.getRemoteAddr());
    Assert.assertEquals(expectedRemoteAddr, request.getRemoteHost());
    // VALIDATE X-FORWARDED-PROTO
    Assert.assertTrue(request.isSecure());
    Assert.assertEquals("https", request.getScheme());
    Assert.assertEquals(443, request.getServerPort());
}
Also used : Context(org.apache.catalina.Context) TesterContext(org.apache.tomcat.unittest.TesterContext) HttpServletRequest(javax.servlet.http.HttpServletRequest) Tomcat(org.apache.catalina.startup.Tomcat) HttpURLConnection(java.net.HttpURLConnection) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) HashMap(java.util.HashMap) FilterMap(org.apache.tomcat.util.descriptor.web.FilterMap) URL(java.net.URL) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 19 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testInvokeUntrustedProxyInTheChain.

@Test
public void testInvokeUntrustedProxyInTheChain() throws Exception {
    // PREPARE
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("internalProxies", "192\\.168\\.0\\.10|192\\.168\\.0\\.11");
    filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
    filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
    filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.setHeader("x-forwarded-for", "140.211.11.130, proxy1, untrusted-proxy, proxy2");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
    assertEquals("ip/host before untrusted-proxy must appear in x-forwarded-for", "140.211.11.130, proxy1", actualXForwardedFor);
    String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
    assertEquals("ip/host after untrusted-proxy must appear in  x-forwarded-by", "proxy2", actualXForwardedBy);
    String actualRemoteAddr = actualRequest.getRemoteAddr();
    assertEquals("remoteAddr", "untrusted-proxy", actualRemoteAddr);
    String actualRemoteHost = actualRequest.getRemoteHost();
    assertEquals("remoteHost", "untrusted-proxy", actualRemoteHost);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Example 20 with FilterDef

use of org.apache.tomcat.util.descriptor.web.FilterDef in project tomcat by apache.

the class TestRemoteIpFilter method testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp.

@Test
public void testInvokeAllProxiesAreTrustedAndRemoteAddrMatchRegexp() throws Exception {
    // PREPARE
    FilterDef filterDef = new FilterDef();
    filterDef.addInitParameter("internalProxies", "127\\.0\\.0\\.1|192\\.168\\..*|another-internal-proxy");
    filterDef.addInitParameter("trustedProxies", "proxy1|proxy2|proxy3");
    filterDef.addInitParameter("remoteIpHeader", "x-forwarded-for");
    filterDef.addInitParameter("proxiesHeader", "x-forwarded-by");
    MockHttpServletRequest request = new MockHttpServletRequest();
    request.setRemoteAddr("192.168.0.10");
    request.setRemoteHost("remote-host-original-value");
    request.addHeader("x-forwarded-for", "140.211.11.130");
    request.addHeader("x-forwarded-for", "proxy1");
    request.addHeader("x-forwarded-for", "proxy2");
    // TEST
    HttpServletRequest actualRequest = testRemoteIpFilter(filterDef, request).getRequest();
    // VERIFY
    String actualXForwardedFor = actualRequest.getHeader("x-forwarded-for");
    assertNull("all proxies are trusted, x-forwarded-for must be null", actualXForwardedFor);
    String actualXForwardedBy = actualRequest.getHeader("x-forwarded-by");
    assertEquals("all proxies are trusted, they must appear in x-forwarded-by", "proxy1, proxy2", actualXForwardedBy);
    String actualRemoteAddr = actualRequest.getRemoteAddr();
    assertEquals("remoteAddr", "140.211.11.130", actualRemoteAddr);
    String actualRemoteHost = actualRequest.getRemoteHost();
    assertEquals("remoteHost", "140.211.11.130", actualRemoteHost);
}
Also used : HttpServletRequest(javax.servlet.http.HttpServletRequest) FilterDef(org.apache.tomcat.util.descriptor.web.FilterDef) TomcatBaseTest(org.apache.catalina.startup.TomcatBaseTest) Test(org.junit.Test)

Aggregations

FilterDef (org.apache.tomcat.util.descriptor.web.FilterDef)32 Test (org.junit.Test)16 FilterMap (org.apache.tomcat.util.descriptor.web.FilterMap)14 TomcatBaseTest (org.apache.catalina.startup.TomcatBaseTest)13 HttpServletRequest (javax.servlet.http.HttpServletRequest)11 Context (org.apache.catalina.Context)8 HashMap (java.util.HashMap)7 Tomcat (org.apache.catalina.startup.Tomcat)5 SecurityConstraint (org.apache.tomcat.util.descriptor.web.SecurityConstraint)4 File (java.io.File)3 Container (org.apache.catalina.Container)3 JavaClassCacheEntry (org.apache.catalina.startup.ContextConfig.JavaClassCacheEntry)3 IOException (java.io.IOException)2 HttpURLConnection (java.net.HttpURLConnection)2 URL (java.net.URL)2 List (java.util.List)2 ConcurrentHashMap (java.util.concurrent.ConcurrentHashMap)2 Wrapper (org.apache.catalina.Wrapper)2 ErrorPage (org.apache.tomcat.util.descriptor.web.ErrorPage)2 WebXml (org.apache.tomcat.util.descriptor.web.WebXml)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial